沃梦达 / 编程问答 / php问题 / 正文

如何在 Laravel whoops 输出中隐藏 .env 密码?

How to hide .env passwords in Laravel whoops output?(如何在 Laravel whoops 输出中隐藏 .env 密码?)

本文介绍了如何在 Laravel whoops 输出中隐藏 .env 密码?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

如何在 Laravel 的 whoops 输出中隐藏我的密码和其他敏感环境变量?

有时其他人正在查看我的开发工作.如果抛出异常,我不希望他们看到这些秘密,但我也不希望不得不不断地打开和关闭调试,或者为了快速预览而启动一个专用站点.

解决方案

截至

How can I hide my passwords and other sensitive environment variables on-screen in Laravel's whoops output?

Sometimes other people are looking at my development work. I don't want them to see these secrets if an exception is thrown, but I also don't want to have to keep toggling debug on and off, or spin up a dedicated site just for a quick preview.

解决方案

As of Laravel 5.5.13, you can censor variables by listing them under the key debug_blacklist in config/app.php. When an exception is thrown, whoops will mask these values with asterisks * for each character.

For example, given this config/app.php

return [

    // ...

    'debug_blacklist' => [
        '_ENV' => [
            'APP_KEY',
            'DB_PASSWORD',
            'REDIS_PASSWORD',
            'MAIL_PASSWORD',
            'PUSHER_APP_KEY',
            'PUSHER_APP_SECRET',
        ],
        '_SERVER' => [
            'APP_KEY',
            'DB_PASSWORD',
            'REDIS_PASSWORD',
            'MAIL_PASSWORD',
            'PUSHER_APP_KEY',
            'PUSHER_APP_SECRET',
        ],
        '_POST' => [
            'password',
        ],
    ],
];

Results in this output:

这篇关于如何在 Laravel whoops 输出中隐藏 .env 密码?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持编程学习网!

本文标题为:如何在 Laravel whoops 输出中隐藏 .env 密码?

基础教程推荐